<!-- #include file="df.asp" -->
<%
'Loga o usuario
if request("login") = "sim" then
	username = request("email")
	password = request("senha") 
	set passSet = abredb.Execute("select email,senha,cpf from clientes where email='"&Cripto(username,true)&"';")
	if passSet.EOF then 
		abredb.close
		set abredb = nothing
		set passSet = nothing
		response.redirect"fechapedido.asp?compra=entrar&erro=- " & strLg183 & "&user=x"
	else
		'Valida a senha
		real_password = cripto(trim(passSet("senha")),false)
		if password = real_password then
			session("usuario") = username
			session.timeout = 60
			response.cookies(""&nomeloja&"")("usuario")= username
			response.cookies(""&nomeloja&"").expires = "01/01/"&year(now) + 1
		else 
			abredb.close
			set abredb = nothing
			set passSet = nothing
			response.redirect "fechapedido.asp?compra=entrar&erro2=- " & strLg184 & "&user="&username
		end if
	end if 
	
	set passSet = nothing
	abredb.close
	set abredb = nothing
	response.redirect "default.asp"
else
	username = request("email")
	password = request("senha") 
	checkPass = "select email,senha,cep from clientes where email='"&Cripto(username,true)&"';"
	set passSet = abredb.Execute(checkPass)
	if passSet.EOF then 
		abredb.close
		set abredb = nothing
		set passSet = nothing	
		response.redirect "fechapedido.asp?compra=login&erro=- " & strLg183 & "&user=x"
	else
		real_password = Cripto(trim(passSet("senha")),false)
		real_cep = Cripto(trim(passSet("cep")),false)
		if password = real_password then
			session("usuario") = username
			session.timeout = 60
			response.cookies(""&nomeloja&"")("usuario")= username
			response.cookies(""&nomeloja&"").expires = "01/01/"&year(now) + 1
		else
			abredb.close
			set abredb = nothing
			set passSet = nothing
			response.redirect "fechapedido.asp?compra=login&erro2=- " & strLg184 & "&user="&username
		end if
	end if 
	
	set passSet = nothing
	abredb.close
	set abredb = nothing

	if session("PesoTotalCep")<> real_cep AND session("modo_entrega")="sedex" then
		erro = "- " & strLg281 & "<br>" 
		response.redirect "carrinhodecompras.asp?erro="&Server.URLEncode(erro)&"&rec=s&cep="&real_cep
	else
		response.redirect "fechapedido.asp?compra=ok"
	end if

end if
%>